iExploit

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Top Posters

Who's Online (0)

Powered by Vanilla. Made with Bootstrap.
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
Caesar Cipher
  • Sh3llc0d3
    Posts: 1,910
    Caesar Cipher by Sh3llc0d3

    Another hobby of mine is mathematics, alegbra specifically although trigonometry is another area I like. Today I’m going to move away from networking and demonstrate the Caesar cipher which is a monoalphabetic cipher/substitution. The Caesar Cipher uses a very slight encryption of n+3. ‘n’ being the letter of the alphabet you wish to encrypt, it’s also known as Caesar’s code, the ‘shift’ cipher and the Caesar shift (shift meaning it shifts places).

    [align=center]http://www.stealthcopter.com/blog/wp-content/uploads/2009/12/320px-Caesar3.png
    [/align]
    A very simple example of a plaintext string is below:

    ‘iexploit is awesome by shellcode’



    Using the Caesar Cipher we encrypt it thus:

    ‘lhasorlw lv dzhvrph eb vkhoofrgh’



    Most people would not understand that but to a cryptologist/cryptanalyst it would be easily broken. Therefore we can use other methods to distort the code, please note this is not a second layer of encryption!

    Original encrypted string:

    ‘lhasorlw lv dzhvrph eb vkhoofrgh’



    Removing the spaces gives a slight distortion, however not very much:

    ‘lhasorlwlvdzhvrphebvkhoofrgh’



    A common practice is to remove all the normal spaces in the phrase and then add spaces at set intervals, for instance after every 4th character:

    ‘lhas orlw lvdz hvrp hebv khoo frgh’



    From the original phrase/string we could clearly make out words by the spacing, using the frequency of the characters and the ideology that certain letters appear more frequently in words than others we could crack the encrypted phrase. I might also add, removing/adding spaces does not alter frequency, it would still be 'crackable'.

    The modular arithmetic representation is shown below:
    Where ‘x’ is the letter and ‘n’ is the shift:
    Encryption
    http://i.imgur.com/H5xib.png
    Decryption
    http://i.imgur.com/BjSCT.png

    Please note: I'm not here to give maths lessons :P

    This thread is short as I didn't really want to lose anyone half-way through frequency analysis. Using several high-level mathematical equations the code can be broken, however as a lot of people here and in forums like this in general aren't out of school/college I've kept the maths to a minimum. I just wanted to demonstrate a simple cipher and maybe some of you will learn more about it :)

    I'll give more examples soon and I'm working on a full-blown paper on ciphers at the moment so bare with me.

    Code Example
    Java - Thanks to Deque for providing this code snippet in Java.
    public String encrypt(String plainText, int shift) {
            StringBuilder code = new StringBuilder();

            for (char c : plainText.toCharArray()) {
                    if (Character.isWhitespace(c)) {
                            code.append(c); //leave whitespaces the way they are
                    } else {
                            int s = ((c % 'A' + shift) % 26); //the encryption formula
                            if (s > 25) {
                                    s = s - 26; //result is not in range 0...25
                            } else if (s < 0) {
                                    s = s + 26; //result is not in range 0...25
                            }
                            code.append((char) (s + 'A')); //append resulting letter to the encrypted string
                    }

            }
            return code.toString();
    }

    public String decrypt(String code, int shift) {
            return encrypt(code, -shift);
    }
  • Sh3llc0d3
    Posts: 1,910
    Beginning to crack the Caesar Cipher:

    ‘lhasorlw lv dzhvrph eb vkhoofrgh’

    A simple guess can lead to some of the code being broken, for instance we take the above encrypted phrase. 'lv' and 'eb' are clearly seperate two-letter words. The most common ones off the top of my head in the english language are:

    'is', 'or', 'of', 'he', 'be' and 'it'

    Those are off the top of my head, however we've clearly covered the two words within that one list of guesses. Now we fragment the words and look at individual characters, 'h' and 'o' are commonly used. Now we know that 'e' is the most common letter in the english alphabet. It doesn't look like many words are 9 letters long 'xxxeexxxx'. It just doesn't look right, so we move to another common letter (vowel), 'i', two of our guesses had 'i' in the beginning, it makes sense that in this case 'l' could be 'i'. This leads us to the first word beginning with 'i' and the second beginning with 'i' also, meaning it must be either 'is' or 'it' if we are using our guesses. This method is a process of guessing and using real-world facts & probability. It's the less technical option however full-on frequency analysis is only an extension of this with a lot higher complex maths involved.

    With knowing only a few letter we could see a pattern of it being n+3 (very simple), and then reverse it for every character (n-3), giving our decrypted phrase
  • Xin
    Posts: 3,251
    Nice little guide mate,
    Xin
  • Null Set
    Posts: 112
    For this cipher though, a frequency analysis is a waste of time. What you'd prefer is to bruteforce it since there are only 26 possible alternatives anyway. Surely one of those will make sense if this is based on an English plaintext.

    Good explanation though. :)
  • Deque
    Posts: 78
    What I did for cracking a shift cipher was just determining the most frequent letter which should translate to 'e'. If it was wrong you can try the second most frequent letter for 'e' and so on.
    This is a kind of frequency analysis too, but very simple and you don't need to read all 26 possibilities.

    Good paper, Sh3llc0d3.
  • Null Set
    Posts: 112
    said:


    What I did for cracking a shift cipher was just determining the most frequent letter which should translate to 'e'. If it was wrong you can try the second most frequent letter for 'e' and so on.
    This is a kind of frequency analysis too, but very simple and you don't need to read all 26 possibilities.

    Good paper, Sh3llc0d3.



    A code can complete a bruteforce of all possible shifts in a matter of seconds and this with 100% certainty that one of those shifts is the plaintext. You actually only need to calculate for 25 because the crypt-text is already one of the 26 shifts.

    Having to consider frequency analysis though in such a situation would not only increase coding time, but also have less than 100% chance of one of them being the correct shift.

    If you prefer that, then well and good for you. But i'd rather just bruteforce for a few seconds with a 100% accuracy than code something for a long time for less accuracy. :P
  • Deque
    Posts: 78

    but also have less than 100% chance of one of them being the correct shift.


    No it hasn't a less chance. My way is the same as yours. I just give the messages a better order, so that the first is the message that is most probably correct.
    For your bruteforcing the user has to read through 25 messages to determine the correct one. I give it a bit more convenience.

    would not only increase coding time


    It is not complicate to count frequencies of single letters. This is done in ten minutes coding time.
  • Null Set
    Posts: 112
    said:


    but also have less than 100% chance of one of them being the correct shift.


    No it hasn't a less chance. My way is the same as yours. I just give the messages a better order, so that the first is the message that is most probably correct.
    For your bruteforcing the user has to read through 25 messages to determine the correct one. I give it a bit more convenience.

    would not only increase coding time


    It is not complicate to count frequencies of single letters. This is done in ten minutes coding time.


    I agree with the optimization it brings. And yeah, it's not that difficult. If I were to code a tool for future purposes, I'd do it this way as well. Bruteforcing though, even without any help from that, does the job - that's usually what's important.
  • ir0n
    Posts: 5
    where do they use this cipher? I mean advance ciphers are available so i don't think they use it anywhere,but really a VERY GOOD explanation
  • Sh3llc0d3
    Posts: 1,910
    said:


    where do they use this cipher? I mean advance ciphers are available so i don't think they use it anywhere,but really a VERY GOOD explanation



    Well practically I doubt it's in use anywhere or at least not in it's pure form. Caesar cipher I would argue is the most basic cipher of use - hence why I chose it to write up on. Caesar is old school and very helpful when learning crptography and cryptanalysis.

    Thanks though, I love this stuff so it was good writing about it.
  • Deque
    Posts: 78
    said:


    where do they use this cipher? I mean advance ciphers are available so i don't think they use it anywhere,but really a VERY GOOD explanation



    It was used by Caesar (I guess you know that already). Back then it was ok, they had no computers to automate the en-/decryption and the cipher was not well known. So it worked for that time.

    The use is like Sh3llc0d3 said that you have an easy to implement cipher here to get you started with cryptography and also with the weaknesses of ciphers. It is not hard to understand and you can try immediately to make a program for cracking this cipher. That is the basis for a beginner to go on with more difficult ciphers.
    No one can start with an AES right away.
  • acton1x
    Posts: 9
    Good explanation!

    I wrote a tool once which brute forced a ceasar cipher, it was done in a second and I just had to look over the 25 lines to see if one word/sentence has any similarity to any known words/phrases.

    And addition to this could be to switch the letters.
    i.e:

    $ ./brute "texttexttexttext" | tr abcdefg... zyxwvuts...

    or even

    $ ./brute "texttexttexttext" | tr asdfghjkl... qwertyuio...
    This would even make a brute forcing useless without knowing the key.

    Has anyone read about the smiley "encryption" in the 2600 28:1?
  • Sh3llc0d3
    Posts: 1,910
    Thanks guys, agree completely with you on the learning aspect of this cipher Deque. I also made an encryption/decryption program in c++ a while back I will try find it and include a code example.
  • Deque
    Posts: 78
    Here is one I made in Java in case you want to show implementations in several languages: 

    public String encrypt(String plainText, int shift) {
            StringBuilder code = new StringBuilder();

            for (char c : plainText.toCharArray()) {
                    if (Character.isWhitespace(c)) { 
                            code.append(c); //leave whitespaces the way they are
                    } else {
                            int s = ((c % 'A' + shift) % 26); //the encryption formula
                            if (s > 25) { 
                                    s = s - 26; //result is not in range 0...25
                            } else if (s < 0) {
                                    s = s + 26; //result is not in range 0...25
                            }
                            code.append((char) (s + 'A')); //append resulting letter to the encrypted string
                    }

            }
            return code.toString();
    }

    public String decrypt(String code, int shift) {
            return encrypt(code, -shift);
    }
  • Sh3llc0d3
    Posts: 1,910
    Thanks Deque, I think it's good having codeexamples. I'll add it to main post :).
Add a Comment